Fix use of Fission-incompatible GetTopLevelContentDocument function in CanvasUtils::IsImageExtractionAllowed
Categories
(Core :: Graphics: Canvas2D, defect)
Tracking
()
Tracking | Status | |
---|---|---|
firefox98 | --- | fixed |
People
(Reporter: kmag, Assigned: tjr)
References
(Blocks 1 open bug)
Details
(Whiteboard: [not-a-fission-bug])
Attachments
(1 file)
Under Fission, GetTopLevelContentDocument will return the farthest in-process ancestor document, meaning it will never see third-party ancestors at all.
The function should instead be using something like AntiTrackingUtils::IsThirdPartyWindow
or mozIThirdPartyUtil::IsThirdPartyWindow
(though the latter really needs to be updated to take an inner rather than an outer window), or just checking WindowContext::GetIsThirdPartyWindow()
directly.
Updated•3 years ago
|
Comment 1•3 years ago
|
||
Lee, please assign this to someone to be fixed for Fission M7a (Fx91). Thanks!
Updated•3 years ago
|
Comment 2•3 years ago
|
||
Lee, why did you redirect NI to kmag? Kmag from the Fission team has found the issue. The module owner has to fix it though not kmag.
Comment 3•3 years ago
•
|
||
Essentially this code appears to more naturally fall under the provenance of the DOM team or potentially network/security team. They would probably be the most knowledgeable of how to fix it. Kris already had suggestions of what needed to happen, so he might be better suited to implement those suggestions. The code in question appears more security related than anything actually rendering related.
Ownership of canvas is a multi-team collaborative, and though the gfx team is a steward of the code in the current state of things, in the end the team best able to address the code is who should look at it. Maybe Jeff Muizelaar can offer suggestions about who best to work on this, as he was one of the original reviewers of the addition of that particular function.
Comment 4•3 years ago
|
||
This is for RFP, where we probably do the wrong thing on RFP+Fission now.
Assignee | ||
Comment 5•3 years ago
|
||
I'll own it. I'm clearing the Fission milestone because RFP is an unsupported configuration and it shouldn't block or count towards Fission efforts.
Updated•3 years ago
|
Updated•3 years ago
|
Assignee | ||
Comment 6•3 years ago
|
||
Assignee | ||
Comment 7•3 years ago
|
||
Would this need to be backported to ESR 91? Does non-Fission mode in 91 have this bug?
Pushed by tritter@mozilla.com: https://hg.mozilla.org/integration/autoland/rev/2b6c0cdb6c41 Fix 3rd-party check in RFP's canvas algorithm r=farre
Comment 9•2 years ago
|
||
bugherder |
Assignee | ||
Updated•2 years ago
|
Updated•6 months ago
|
Description
•